<?php
/**
 * Get paid hidden content
 */
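// Entry point for the paid hidden-content feature.
//   action=buy : pick an order number and redirect the browser to the payment page.
//   otherwise  : answer with JSON {code, data} saying whether the hidden body of
//                article $aid may be shown to this visitor.
// Codes set below: 0 = hidden content returned, 1 or 2 = not unlocked (data holds the
// price), 3 = login required, 4 = member rank too low.
// $action, $aid, $arcID and $code are never assigned in this file.
// NOTE(review): they are presumably request parameters registered as globals by
// common.inc.php; confirm, and treat every one of them as untrusted input.
session_cache_limiter('private,must-revalidate');
@session_start();
require_once(dirname(__FILE__)."/../include/common.inc.php");
helper(array('xorpay'));
if(!isset($action)) $action = '';
$plusUrl = strpos($cfg_phpurl,'http')===0 ? $cfg_phpurl : getLocalDomain().$cfg_phpurl;
if($action=='buy'){
    // The id ends up in SQL text and in a response header, so accept only a number and
    // cast it to int before it is used anywhere.
    $aid = (isset($aid) && is_numeric($aid)) ? intval($aid) : 0;
    if($aid==0) die(' Request Error! ');
    $hide = getHiden($aid);
    // Without a hidden-content row there is no price to charge.
    if(!is_array($hide) || !isset($hide['price'])) die(' Request Error! ');
    // This number is later accepted as the unlock code for the article (see the
    // out_trade_no lookup below), so it must not be predictable: prefer the CSPRNG
    // when the runtime has one, since mt_rand() output can be reconstructed.
    // NOTE(review): six digits is a small space even when drawn from a CSPRNG; the
    // unlock lookup needs rate limiting or a longer token, which also means changing
    // the payment page (not shown here).
    $out_trade_no = function_exists('random_int') ? random_int(100000,999999) : mt_rand(100000,999999);
    // NOTE(review): the price travels in the query string, where the visitor can edit
    // it. xorpay_pay.php (not shown) should look the price up again by aid instead of
    // trusting total_fee.
    header('Location:'.$plusUrl.'/xorpay_pay.php?total_fee='.urlencode((string)$hide['price']).'&out_trade_no='.$out_trade_no.'&aid='.$aid);
    // Stop here so nothing else runs or is emitted after the redirect.
    exit();
}else{
    require_once(DEDEINC.'/memberlogin.class.php');
    $cfg_ml = new MemberLogin();
    // Member-based order lookup is switched off: $mid is pinned to 0, so the
    // elseif($mid) branch further down never runs.
    //$mid = $cfg_ml->M_ID;
    $mid = 0;

    if(isset($arcID)) $aid = $arcID;
    // is_numeric() alone also lets through forms such as "1e3" or " 5"; the int cast
    // makes the value safe where it is interpolated unquoted into SQL below.
    $arcID = $aid = (isset($aid) && is_numeric($aid)) ? intval($aid) : 0;
    if($aid==0) die(' Request Error! ');
    $hideRow = getHiden($aid);
    $data = array();
    $data['code'] = 1;
    if(!is_array($hideRow) || empty($hideRow)){
        // No hidden-content row for this article: nothing to unlock, and indexing a
        // non-array below would only raise notices.
        $data['data'] = null;
        echo json_encode($data);exit();
    }
    $data['data'] = $hideRow['price'];
    $hideContent = gbk2utf8($hideRow['body']);
    if($hideRow['arcrank']!=-1){
        $data['code'] = 2;
    }
    // Author of the article; the author is exempt from the rank check below.
    $row = $dsql->GetOne("SELECT mid FROM `#@__arctiny` WHERE id='$aid' ");
    $writer = is_array($row) ? $row['mid'] : null;

    if($hideRow['arcrank']>0){
        if($cfg_ml->M_ID==0){
            // not logged in
            $data['code'] = 3;
            $data['data'] = array(
                'needrank' => getArcrankName($hideRow['arcrank']),
                'userrank' => gbk2utf8('游客'),
            );
            echo json_encode($data);exit();
        }
        if($hideRow['arcrank']>10){
            if($cfg_ml->M_Rank < $hideRow['arcrank'] && $writer != $cfg_ml->M_ID){
                // Map rank value => display name so the member's current rank can be reported.
                $memberTypes = array();
                $dsql->Execute('me' , "SELECT * FROM `#@__arcrank` ");
                while($rankRow = $dsql->GetObject('me'))
                {
                    $memberTypes[$rankRow->rank] = $rankRow->membername;
                }
                // The member's rank may have no row in the table; avoid an undefined index.
                $userRank = isset($memberTypes[$cfg_ml->M_Rank]) ? $memberTypes[$cfg_ml->M_Rank] : null;
                $data['code'] = 4;
                $data['data'] = array(
                    'needrank' => getArcrankName($hideRow['arcrank']),
                    'userrank' => gbk2utf8($userRank),
                );
                echo json_encode($data);exit();
            }
        }
    }
    // Free content: return it without looking for an order.
    if($hideRow['price']==0 && !empty($hideContent)){
        $data['code'] = 0;
        $data['data'] = $hideContent;
        echo json_encode($data);exit();
    }
    // Unlock code: explicit request value first, else the cookie stored after an earlier
    // successful unlock. intval() keeps it safe inside the quoted SQL literal.
    $code = !empty($code) ? intval($code) : intval(GetCookie('Code_'.$aid));
    if($code){
        // NOTE(review): "status = 0" is taken here to mark a completed order; confirm
        // against the payment callback, which is not shown.
        $row = $dsql->GetOne("SELECT * FROM `#@__xororder` WHERE `out_trade_no`='{$code}' and `aid`={$aid} and status = 0");
        if($row){
            $data['code'] = 0;
            $data['data'] = $hideContent;
            // Remember the code for a day so a reload does not need it again.
            PutCookie('Code_'.$aid,$code,86400);
        }
    }elseif($mid){

        if($mid == $writer){
            $data['code'] = 0;
            $data['data'] = $hideContent;
        }else{
            $addwhere = "`aid`={$aid} and status = 0 and `mid` = {$mid}";
            $row = $dsql->GetOne("SELECT * FROM `#@__xororder` WHERE {$addwhere}");
            if($row){
                $data['code'] = 0;
                $data['data'] = $hideContent;
            }
        }
    }else{
        // Fallback: unlock for a visitor whose address matches a stored order.
        // NOTE(review): one address is shared by everyone behind the same NAT or proxy,
        // and GetIP() is defined elsewhere. If it reads the address from request headers
        // the match can be forged; confirm it uses the connection address.
        $ip = GetIP();
        // Only a syntactically valid address is allowed into the SQL text.
        if(filter_var($ip, FILTER_VALIDATE_IP) !== false){
            $row = $dsql->GetOne("SELECT * FROM `#@__xororder` WHERE `aid`={$aid} and `ip` = '{$ip}' and status = 0");
            if($row){
                $data['code'] = 0;
                $data['data'] = $hideContent;
            }
        }
    }
    echo json_encode($data);exit();
}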

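/**
 * Fetch the hidden-content row for one article.
 *
 * @param mixed $aid Article id. Cast to int here because it is placed inside the SQL
 *                   text and not every caller validates it first.
 * @return mixed Whatever $dsql->GetOne() returns for the query; callers in this file
 *               index the result as an array with 'price', 'body' and 'arcrank'.
 */
function getHiden($aid)
{
    global $dsql;
    // Force an integer so a crafted id cannot alter the statement.
    $aid = intval($aid);
    return $dsql->GetOne("SELECT * FROM `#@__hiddens` WHERE aid='{$aid}' ");
}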
/**
 * Look up the display name of a member rank.
 *
 * Reads every row of the arcrank table and returns the name of the first row whose
 * rank equals $arcrank (loose comparison), passed through gbk2utf8().
 *
 * @param mixed $arcrank Rank value to look up.
 * @return mixed The converted name, or null when no row matches.
 */
function getArcrankName($arcrank)
{
    global $dsql;
    $dsql->SetQuery("Select * from `#@__arcrank`");
    $dsql->Execute();
    for ($rankRow = $dsql->GetObject(); $rankRow; $rankRow = $dsql->GetObject()) {
        if ($rankRow->rank != $arcrank) {
            continue;
        }
        // First match wins; the remaining rows are not read.
        return gbk2utf8($rankRow->membername);
    }
    return null;
}
